Search for vulnerabilities
| Vulnerability ID | VCID-e9qd-svur-cfh3 |
| Aliases |
CVE-2012-1608
GHSA-w3v6-r62r-fvqh |
| Summary | Typo3 API XSS Vulnerabilities The `t3lib_div::RemoveXSS` API method in TYPO3 4.4.0 through 4.4.13, 4.5.0 through 4.5.13, 4.6.0 through 4.6.6, 4.7, and 6.0 allows remote attackers to bypass the cross-site scripting (XSS) protection mechanism and inject arbitrary web script or HTML via non printable characters. |
| Status | Published |
| Exploitability | 0.5 |
| Weighted Severity | 6.2 |
| Risk | 3.1 |
| Affected and Fixed Packages | Package Details |
| System | Score | Found at |
|---|---|---|
| epss | 0.0168 | https://api.first.org/data/v1/epss?cve=CVE-2012-1608 |
| epss | 0.0168 | https://api.first.org/data/v1/epss?cve=CVE-2012-1608 |
| generic_textual | MODERATE | https://nvd.nist.gov/vuln/detail/CVE-2012-1608 |
| generic_textual | MODERATE | https://web.archive.org/web/20120527123559/http://www.securityfocus.com/bid/52771 |
| generic_textual | MODERATE | http://typo3.org/teams/security/security-bulletins/typo3-core/typo3-core-sa-2012-001 |
| generic_textual | MODERATE | http://www.debian.org/security/2012/dsa-2445 |
| generic_textual | MODERATE | http://www.openwall.com/lists/oss-security/2012/03/30/4 |
| Percentile | 0.81342 |
| EPSS Score | 0.0168 |
| Published At | June 30, 2025, 12:55 p.m. |
| Date | Actor | Action | Source | VulnerableCode Version |
|---|---|---|---|---|
| 2025-07-01T12:26:52.449618+00:00 | GithubOSV Importer | Import | https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2022/05/GHSA-w3v6-r62r-fvqh/GHSA-w3v6-r62r-fvqh.json | 36.1.3 |